source: wwwsecurityfocuscom/bid/9537/info
Due to a lack of access validation to the '_admin' directory, malevolent users may be able to execute arbitrary admin scripts This may allow a malicious user to upload arbitrary files to the affected system and gain access to files outside of the web server root directory There may also be other ...